Saw a post today on Reddit for free Burp Suite tutorials. If you enter the promo code REDDIT_FREE_BURP at The New Boston Store, you will be able to download the digital content. The tutorials come as an 800 MB zip file that decompresses to 1.2 GB of mp4 video files. I’ve started viewing them already and I suggest you have a hypervisor ready to install a test web application on. The web application they are using to test against in the tutorials so far is bWAPP. If enough people are interested we might start a study group. Please respond to the distribution list if you are interested in the study group.
Attached is a binary. If you can find the flag, which should be trivial, and email the flag to me, then you will receive one free high-five at the next meetup. If you are able to provide a quick write-up of how you found the flag using a debugger, you will get one free pizza.
RingZer0 Team Online CTF doesn’t appear to have a time limit and is available to anyone that would like to play once they register with the site. A few of us have already started playing and have started scoring points. I recommend everyone check it out.
Looks like the skyview rooms are back!
Paris – 2,916
Bally’s – 2,814
The DEF CON block at Bally’s and Paris is officially sold out. There’s still some good news for procrastinators, though – there’s still room at our con-goer rates at the nearby Flamingo, Link, Planet Hollywood and Caesars. At least, there is room right now. You’re gonna want to act briskly if you want to get the DEF CON group rate.
Here’s the reservation link:
And here are the direct lines to the hotels still offering the DC23 rate:
DEF CON in the News: FOIA Edition
Posted 5.12.15
Our humble party game ‘Spot the Fed’ is getting a lot of press lately. Which is cool. The good folks at MuckRock filed a FOIA Request that asked for, among other things, the FBI’s files on DEF CON, and at the end of April they got a response in which STF is mentioned specifically a few times. Which is also cool, but there’s a little more to the story that DEF CON fans might be interested to hear.
First: Spot the Fed for the uninitiated. Spot the Fed is a con amusement enjoyed by hackers and Fed/Gov/LE attendees alike, and it works thusly: Con-goers notice a suspicious ‘outdoor kid’ lurking about, and they alert a Goon (preferably Priest). With the spotee’s permission, Priest or one of his minions asks a battery of questions designed to discover their mode of employment. If MIB status is uncovered in the course of questioning, the spotter and the Fed get T-shirts. Both spotter and spotted are then free to resume their conference unmolested. So it’s sort of a catch-and-release program, if you will. We pride ourselves in both our ability to spot Feds, and our ability to return them in the condition received.
Now, a little backstory. For reference, here’s a shakycam recording of a round of Spot the Fed from DEF CON 14, featuring the incisive interrogatory style of Priest. The picture attached to this post is from DEF CON 2 and features the very first Fed ever Spotted wearing the very first ‘I Am the Fed’ shirt we ever gave out. Memories.
Astute readers of the FOIA docs will notice that there was another FOIA request for DEF CON still being processed at the time that MuckRock’s request was going through. That request came from badass EFF lawyer and frequent DEF CON speaker Marcia Hofmann, and it was filed in response to a Federal Grand Jury investigation that you might recognize from the DEF CON documentary. The docs actually help solve the nagging mystery DT’s talking about in that video.
“I had always assumed the grand jury investigation was related to a National Security investigation, but now that the FBI FOIA is out we know. FEDs don’t all attend because of the talks, sometimes they have real work.” -Dark Tangent
The docs are liberally redacted, but they do illustrate the varying levels of interest lavished upon our little party by one of the TLAs in attendance. The docs MuckRock released include reports from DEF CONs 3, 8 and 12. Despite the hostility people insist on reading into the FBI comments, spotted Feds almost universally take the stage with good humor and answer our questions with patience and more candor than their job descriptions require.
If you want to get in on the FOIA action and see some FBI files of your own, we recommend watching this talk from the aforementioned Marcia Hofmann from DEF CON 18.